Brocade Fabric Watch Administrator's Guide - Supporting Fabric OS v7.0.x (53-1002153-02, March 2012)

40 Fabric Watch Administrator’s Guide
53-1002153-02
Security monitoring guidelines and default settings
6
Security monitoring guidelines and default settings
The Security class monitors all attempts to breach your SAN security, helping you fine-tune your
security measures.
Security class areas
Table 5 lists Product Name areas in the Security class and describes what each area indicates.
Although it is recommended that you leave the entire Security class in its default state (no alerts),
you can configure the Security class using the thConfig command.
TABLE 5 Security class areas
Area Description
DCC violations (DV) An unauthorized device attempts to log in to a secure fabric.
HTTP violations (HV) A browser access request reaches a secure switch from an unauthorized IP address.
Illegal command (IV) Commands permitted only to the primary Fibre Channel Switch (FCS) are executed on
another switch.
Incompatible security
DB (ISB)
Secure switches with different version stamps have been detected.
Login violations (LV) Login violations which occur when a secure fabric detects a login failure.
Invalid Certifications (IC)
No-FCS (NF) The switch has lost contact with the primary FCS.
SCC violations (SV) SCC violations which occur when an unauthorized switch tries to join a secure fabric.
The WWN of the unauthorized switch appears in the ERRLOG.
SLAP failures (FSLAP) SLAP failures which occur when packets try to pass from a nonsecure switch to a
secure fabric.
Telnet violations (TV) Telnet violations which occur when a Telnet connection request reaches a secure
switch from an unauthorized IP address.
TS out of sync (TS) Time Server (TS) which occur when an out-of-synchronization error has been detected.